<?php
require_once('db.php');
  
  // Connect to the database
	$dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);

  if (isset($_POST['submit'])) {
    // Grab the profile data from the POST
    $username = mysqli_real_escape_string($dbc, trim($_POST['username']));
    $password1 = mysqli_real_escape_string($dbc, trim($_POST['password1']));
    $password2 = mysqli_real_escape_string($dbc, trim($_POST['password2']));
    $first_name = mysqli_real_escape_string($dbc, trim($_POST['first_name']));
    $last_name = mysqli_real_escape_string($dbc, trim($_POST['last_name']));
    $email = mysqli_real_escape_string($dbc, trim($_POST['email']));
	$webbpage = mysqli_real_escape_string($dbc, trim($_POST['webbpage']));

    if (!empty($username) && !empty($password1) && !empty($password2) && !empty($first_name)
	&& !empty($last_name) && !empty($email) && ($password1 == $password2)) {
	
      // Make sure someone isn't already registered using this username
      $query = "SELECT * FROM user WHERE username = '$username'";
      $data = mysqli_query($dbc, $query);
      if (mysqli_num_rows($data) == 0) {
	  
        // Insert the data into the database
        $query = "INSERT INTO user (username, password, first_name, last_name, email, webbpage, join_date) 
		VALUES ('$username', SHA('$password1'), '$first_name', '$last_name', '$email', '$webbpage', NOW())";
        mysqli_query($dbc, $query);

        // Confirm success
        echo '<p>Your new account has been successfully created. You\'re now ready to <a href="login.php">log in</a>.</p>';
        // You\'re now ready to <a href="index.php?act=login">log in</a>.</p>'

        mysqli_close($dbc);
        exit();
      }
      else {
	  
        // An account already exists for this username
        echo '<p class="error">An account already exists for this username. Please use a different username.</p>';
        $username = "";
      }
    }
    else {
      echo '<p class="error">You must enter all of the sign-up data, including the desired password twice.</p>';
    }
  }

  //mysqli_close($dbc);
?>

  <p>Please enter your username and desired password.</p>
  <form method="post" action="index.php?act=register">

     <ul> 
      <ol><label for="username">Username:</label></ol>
      <ol><input type="text" name="username" value="<?php if (!empty($username)) echo $username; ?>" /></ol>
      <ol><label for="password1">Password:</label></ol>
      <ol><input type="password" name="password1" /></ol>
      <ol><label for="password2">Password (retype):</label></ol>
      <ol><input type="password" name="password2" /></ol>
      <ol><label for="first_name">First name:</label></ol>
      <ol><input type="text" name="first_name" value="<?php if (!empty($first_name)) echo $first_name; ?>" /></ol>
      <ol><label for="last_name">Last name:</label></ol>
      <ol><input type="text" name="last_name" value="<?php if (!empty($last_name)) echo $last_name; ?>" /></ol>
      <ol><label for="email">Email:</label></ol>
      <ol><input type="text" name="email" value="<?php if (!empty($email)) echo $email; ?>" /></ol>
	  <ol><label for="webbpage">Webbpage</label></ol>
	  <ol><input type="text" name="webbpage" value="<?php if (!empty($webbpage)) echo $webbpage; ?>" /></ol>

      <ol><input type="submit" value="Register" name="submit" /></ol>
    <ul>	
  </form>